[[!toc levels=6]]

# Zeronet

## Instalação

    $ sudo -u www-data /bin/bash
    $ cd; mkdir lib; pushd lib
    $ wget https://github.com/HelloZeroNet/ZeroBundle/releases/download/0.1.1/ZeroBundle-linux64-v0.1.1.tar.gz
    $ tar xvpfz ZeroBundle-linux64-v0.1.1.tar.gz
    $ ./ZeroBundle/ZeroNet.sh
    $ ^C
    $ popd

## Configuração

_Conteúdo de **/var/www/lib/ZeroBundle/ZeroNet/zeronet.conf**:_

    [global]
    ui_ip = *

# Systemd

    $ sudo vim /lib/systemd/system/zeronet.service

_Conteúdo de **/lib/systemd/system/zeronet.service**:_

    [Unit]
    Description=Zeronet as a daemon
    After=network.target
    
    [Service]
    Type=simple
    User=www-data
    Group=www-data
    ExecStart=/bin/bash /var/www/lib/ZeroBundle/ZeroNet.sh
    #ExecStart=/var/www/lib/ZeroBundle/Python/python /var/www/lib/ZeroBundle/ZeroNet/zeronet.py main
    
    [Install]
    WantedBy=multi-user.target

# Nginx

_Conteúdo de **/etc/nginx/sites-enabled/zeronet.conf**:_

    server {
        listen          80;
        listen          [::]:80;
        server_name     zeronet.iikb.org;
        rewrite         ^       https://$server_name$request_uri? permanent;
    }
    server {
        listen          80;
        listen          [::]:80;
        server_name     *.zeronet.iikb.org;
        return          301     http://zeronet.iikb.org$request_uri;
    }
    server {
        listen          80;
        listen          [::]:80;
        server_name     zeronet.iikb.xyz;
        rewrite         ^       https://$server_name$request_uri? permanent;
    }
    server {
        listen          80;
        listen          [::]:80;
        server_name     *.zeronet.iikb.xyz;
        return          301     http://zeronet.iikb.xyz$request_uri;
    }
    
    server {
        listen          80;
        listen          [::]:80;
        server_name     0net.iikb.org;
        return          307     http://zeronet.iikb.org;
    }
    server {
        listen          80;
        listen          [::]:80;
        server_name     0net.iikb.xyz;
        return          307     http://zeronet.iikb.xyz;
    }
    
    server {
        listen                          443 ssl;
        listen                          [::]:443 ssl;
        ssl_protocols                   TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers       on;
        ssl_ciphers                     "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
        ssl_ecdh_curve                  secp384r1;
        ssl_session_cache               shared:SSL:10m;
        ssl_session_tickets             off;
        ssl_stapling                    on;
        ssl_stapling_verify             on;
        resolver                        208.67.220.220 208.67.222.222 valid=300s;
        resolver_timeout                5s;
        add_header                      Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
        add_header                      X-Frame-Options SAMEORIGIN;
        add_header                      X-Content-Type-Options nosniff;
        ssl_certificate                 /etc/letsencrypt/live/iikb.org/fullchain.pem;
        ssl_certificate_key             /etc/letsencrypt/live/iikb.org/privkey.pem;
        ssl_trusted_certificate         /etc/letsencrypt/live/iikb.org/chain.pem;

        server_name     zeronet.iikb.org;
        location / {
                proxy_pass              http://localhost:43110;
                proxy_http_version      1.1;
                proxy_set_header        Upgrade                 $http_upgrade;
                proxy_set_header        Connection              "upgrade";
                proxy_set_header        Host                    $host;
                proxy_set_header        X-Real-IP               $remote_addr;
                proxy_set_header        X-Forwarded-For         $proxy_add_x_forwarded_for;
                proxy_read_timeout      1800;
                proxy_connect_timeout   1800;
        }
    }
    server {
        listen                          443 ssl;
        listen                          [::]:443 ssl;
        ssl_protocols                   TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers       on;
        ssl_ciphers                     "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
        ssl_ecdh_curve                  secp384r1;
        ssl_session_cache               shared:SSL:10m;
        ssl_session_tickets             off;
        ssl_stapling                    on;
        ssl_stapling_verify             on;
        resolver                        208.67.220.220 208.67.222.222 valid=300s;
        resolver_timeout                5s;
        add_header                      Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
        add_header                      X-Frame-Options SAMEORIGIN;
        add_header                      X-Content-Type-Options nosniff;
        ssl_certificate                 /etc/letsencrypt/live/iikb.xyz/fullchain.pem;
        ssl_certificate_key             /etc/letsencrypt/live/iikb.xyz/privkey.pem;
        ssl_trusted_certificate         /etc/letsencrypt/live/iikb.xyz/chain.pem;

        server_name     zeronet.iikb.xyz;
        location / {
                proxy_pass              http://localhost:43110;
                proxy_http_version      1.1;
                proxy_set_header        Upgrade                 $http_upgrade;
                proxy_set_header        Connection              "upgrade";
                proxy_set_header        Host                    $host;
                proxy_read_timeout      1800;
                proxy_connect_timeout   1800;
        }
    }
